Introduction To ISO 27005 (ISO27005)

ISO 27005 is the principal standard in the ISO 27000 series covering information security risk management. It provides guidelines for information security risk management (ISRM) in an organization, specifically supporting the requirements of an information security management system as defined by ISO 27001.

The ISO 27005 standard comprises 55 pages and is applicable to all types of organization. It does not provide or recommend a specific methodology. The choice of methodology will depend upon a number of factors, such as the actual scope of the Information Security Management System (ISMS), or perhaps the industry/commercial sector.